[ALSA-2024:4499] Moderate: ruby security update
Type:
security
Severity:
moderate
Release date:
2024-07-17
Description:
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 (CVE-2023-36617) * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282) * REXML: DoS parsing an XML with many `<`s in an attribute value (CVE-2024-35176) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 ruby-2.5.9-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 1b96c1f6b3a8a705560d0de3bd93eaf7057142a4b632fb35cb9d6404bc5eb620
aarch64 rubygem-json-2.1.0-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 4a33b16dafcf02b77614f885bb4eac4848e4c4a1c011f94347416c018c8311d9
aarch64 ruby-devel-2.5.9-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 53a475cf6bb70293dfa332adba6e289fc25c3e86c416c7109b21cb702161be23
aarch64 Packages/rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.aarch64.rpm 5974fa8497b83d1a4df2acf3d75301aa07fad828a823aec6a400436f617dc58f
aarch64 rubygem-psych-3.0.2-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 6900346ef7a8129f70258bd58f353605b3d51c4defeeb0a3e248497e9eddc542
aarch64 ruby-libs-2.5.9-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 6ba6b1e7e4ab3ccd366c8ebad4b466d1570bba01637c29660928ce3db1f9e62f
aarch64 rubygem-openssl-2.1.2-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm 6f405ad6f9990d3a8047bb4659212f3f402bce084b67430c8d2fc14c17a614de
aarch64 rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.aarch64.rpm b444bcde35de2998bb5f8c4db140a04c11f16f94d2252d37869a1f093dc5dd57
aarch64 rubygem-bigdecimal-1.3.4-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm d967bac7a109ba2f43a8deca568cc1b4267ad381aa1e76b318fd129df925ae9e
aarch64 Packages/rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.aarch64.rpm df9c22479a5fbb8f2897203f63a3e4427a4fe59460d7e9ed5fe686519e1e51c8
aarch64 rubygem-io-console-0.4.6-112.module_el8.10.0+3871+342e2c2f.aarch64.rpm e41e08d54d34a918dc35716206fc8b5e91a9655298e585ace924d765ba49b210
i686 rubygem-bigdecimal-1.3.4-112.module_el8.10.0+3871+342e2c2f.i686.rpm 04c710c5f7297ec24ff58f19d6a7c8462dbce2378804a0767d69ad85bf1fde5c
i686 ruby-libs-2.5.9-112.module_el8.10.0+3871+342e2c2f.i686.rpm 392f9ae6cffd64ead831c03d26471a43eca07911ded095de04caa5af016ef03e
i686 rubygem-json-2.1.0-112.module_el8.10.0+3871+342e2c2f.i686.rpm 83dc8be713d1637bd5d6e44fa8623dcd5ac6ef6fd66f20219daef2929a39edde
i686 rubygem-io-console-0.4.6-112.module_el8.10.0+3871+342e2c2f.i686.rpm a8de9cdaa769a4d2c6f760eef4bd18ebf5349a93feabc2c00fb6a4aa6ae26854
i686 ruby-2.5.9-112.module_el8.10.0+3871+342e2c2f.i686.rpm d72550655650fe862d956ab420174d7fc16476f9cb746653e0ac8c6748d9e861
i686 ruby-devel-2.5.9-112.module_el8.10.0+3871+342e2c2f.i686.rpm da4573f18ca39166ddb5fe9293bf5be1a8cb816f9d3484695a55967e8bf4ca0c
i686 rubygem-openssl-2.1.2-112.module_el8.10.0+3871+342e2c2f.i686.rpm dbfb56c9468d9089204dfd643209dfe4f3e813a16c456a8d29e66456aa61fa1f
i686 rubygem-psych-3.0.2-112.module_el8.10.0+3871+342e2c2f.i686.rpm e0913890470ac7491e24fc6606e803389afc8b0eae9c92a8883b963912b8ad92
noarch rubygem-net-telnet-0.1.1-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 0c303c5ba458f6d9bb80bb50455cd118e01e0360e7ee8aaaf2299cfd3219bf45
noarch rubygem-did_you_mean-1.2.0-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 158e45006c9edaef3fd4b286b163e04a145e967d4594996ee30012af36f02758
noarch rubygem-bundler-1.16.1-4.module_el8.10.0+3871+342e2c2f.noarch.rpm 186feaa413e45c36467068a22b04de47541aafc70923a531fe583d9d131263d4
noarch rubygem-power_assert-1.1.1-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 208bfce065c6540c12d437348a7f7e4fa934dfb14ef3049711fd790dd086d5f2
noarch rubygem-abrt-doc-0.3.0-4.module_el8.10.0+3871+342e2c2f.noarch.rpm 23f4e5352303fbe382eb4c6194887ff9e2dad8797516dd85ae0efd8eff375c61
noarch rubygem-test-unit-3.2.7-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 277eb6e8b97f2b2635a17668ccf6874b6ca1255f12965378994b7e19bb16bb42
noarch rubygem-bundler-doc-1.16.1-4.module_el8.10.0+3871+342e2c2f.noarch.rpm 6cf4f6e6d918e4dddcd51d124e0d055f3993d6ca4fbf1a8b9ba60534fe01a816
noarch Packages/rubygem-bson-doc-4.3.0-2.module_el8.5.0+2625+ec418553.noarch.rpm 820dee686065f0a35fb15e687d8595cfc665da43dc8ca2196c9e11fd568f8fb6
noarch rubygems-devel-2.7.6.3-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 8bcb7b587cc4e70a12209da45254f5970e70e2058658e5d7a230ed813196cbd0
noarch rubygem-pg-doc-1.0.0-3.module_el8.9.0+3635+c6f99506.noarch.rpm 8d04b2fdb59f2b51995d4fc57a412831e5d4d1c9d80fea1bcd0a7f5beaa55ab7
noarch rubygem-rdoc-6.0.1.1-112.module_el8.10.0+3871+342e2c2f.noarch.rpm 9995050c1748ab17cfe9b5104bd1fa6775a93ee3d90a7f923035eca0b37d84bd
noarch Packages/rubygem-mysql2-doc-0.4.10-4.module_el8.5.0+2625+ec418553.noarch.rpm a5c437b38dfc84a5e1abd920fbb284c8c83eee2636c46db7be65dabe7580a319
noarch rubygems-2.7.6.3-112.module_el8.10.0+3871+342e2c2f.noarch.rpm b48e53d39ee58f8fa5b333f57af369a78b8a2cb7de0e3e6749a08ae6fa151d60
noarch Packages/rubygem-mongo-doc-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm c506b397bd566dcb4d539202156f734660a33a62d3a515a6a1cd6b116e8f1608
noarch rubygem-minitest-5.10.3-112.module_el8.10.0+3871+342e2c2f.noarch.rpm cb46b02e4f00096b3cb657ed9e9fc5bcd8d98910c12916da1d4d0aafd89bb626
noarch rubygem-abrt-0.3.0-4.module_el8.10.0+3871+342e2c2f.noarch.rpm ccc530c3d8881ab2b41234ee0babcf20043b53051f92259b91d3f66a0d5d8a41
noarch ruby-irb-2.5.9-112.module_el8.10.0+3871+342e2c2f.noarch.rpm eb9c23b5cb8ab1ba6d8cffada269a33591daef474425e05c321a3f274e49483d
noarch rubygem-xmlrpc-0.3.0-112.module_el8.10.0+3871+342e2c2f.noarch.rpm efc328554feea1306bfb3ed6f2a239ce9abb2468eaa7bb24dacaf5c78648678a
noarch rubygem-rake-12.3.3-112.module_el8.10.0+3871+342e2c2f.noarch.rpm f32411bdaff630ffa4096ae258e3afc3e2f426132dbab7fd215c82b54b8c1344
noarch ruby-doc-2.5.9-112.module_el8.10.0+3871+342e2c2f.noarch.rpm f468e432f9d5310e3ea9b58375f60a293573d2aa47162d137ee214a54a208479
noarch Packages/rubygem-mongo-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm fd8a90dea5a7c07c95bf2e7ac7337dba4ebe6a1ce35899e2b8c46c6d51b0bbc3
ppc64le rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.ppc64le.rpm 06e82db6ec9a6ca9bca4ebf7a23a9c663e72ddf511353b31aa5cb72b797b9620
ppc64le ruby-2.5.9-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 0d941c380f9d3fc79c0653ebcc345bdf3931b2e25ed2adaffc649c501a301d17
ppc64le ruby-devel-2.5.9-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 1882d701abaaa9cdffc11823cd110c8f4cb2a429569d62eb3aac23b343cd0288
ppc64le rubygem-json-2.1.0-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 20cdfca0f23a6b165bb34fc10e9584116d8a42f8a81bd0e3175ad0d2d2b10bbe
ppc64le rubygem-io-console-0.4.6-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 3f517cc834320b69a18c9fee7979edbc00a190806c16cc3fb964f0e75b44fe78
ppc64le rubygem-bigdecimal-1.3.4-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 6dd5366a2e9dc83512c71553a36bbd8f81b6da25ea705cdd01bb9e10f649568a
ppc64le rubygem-openssl-2.1.2-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm 9f9bb3b529d442cb4dba732a7d3db4522fe58be84d57ea000d25da2a80a7268a
ppc64le rubygem-psych-3.0.2-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm a19472e4f8559d710a7d9fff17a1ff41eff08c90b055372251dafd88bf2a9ae8
ppc64le rubygem-bson-4.3.0-2.module_el8.5.0+259+8cec6917.ppc64le.rpm a5e4457e2736c2e55169c63d83c1c69429c57c426851036811976c1ccafb28af
ppc64le rubygem-mysql2-0.4.10-4.module_el8.5.0+259+8cec6917.ppc64le.rpm aa75a18f3d930eff9a18793d83ef37e5a4ee20d38020be57b8ce69c175f1eac8
ppc64le ruby-libs-2.5.9-112.module_el8.10.0+3871+342e2c2f.ppc64le.rpm b6e2a32e7ff2944738c579b3131320d2022fc5008f5508169e1039f3ce7cc15c
s390x rubygem-bigdecimal-1.3.4-112.module_el8.10.0+3871+342e2c2f.s390x.rpm 06289c2ada001cdcf9faca3a53563a5a70c682abd78b2683ec02e51cb7787ac5
s390x ruby-devel-2.5.9-112.module_el8.10.0+3871+342e2c2f.s390x.rpm 2793a8420735e4e832600c28f740871aef115b664a68413ef825738047d6548e
s390x ruby-libs-2.5.9-112.module_el8.10.0+3871+342e2c2f.s390x.rpm 564f04a781d45baea7fb29fbb254dc42bd67c9a388589627c5e3a0ca91e18c41
s390x ruby-2.5.9-112.module_el8.10.0+3871+342e2c2f.s390x.rpm 6c8e10a7bf5a16a5a42da88393db496295c6988fb85a127eacf6814fc3e343ed
s390x rubygem-json-2.1.0-112.module_el8.10.0+3871+342e2c2f.s390x.rpm 8357972b615147adaab1e77a863f2d08fcba60f293a66af3e95ff0b0aff9a9bc
s390x rubygem-bson-4.3.0-2.module_el8.6.0+3170+4b08f9d4.s390x.rpm 871397eff83a497bf29db2e02e81837d1648c1813afa6030e2bab44d3f0db282
s390x rubygem-io-console-0.4.6-112.module_el8.10.0+3871+342e2c2f.s390x.rpm aa52150393cda14980a7f6ea70e0c42ffa7cba3d43920d0de76f064ae75f5759
s390x rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.s390x.rpm d52a51f8cfdbeb3099ce92946748481f426b77c9da23f77737fe3d4fcd1b245c
s390x rubygem-openssl-2.1.2-112.module_el8.10.0+3871+342e2c2f.s390x.rpm d5ebe4e4c1453a78990df9a1eb21d72963f280b596507fd06b81e7a937fb879d
s390x rubygem-mysql2-0.4.10-4.module_el8.6.0+3170+4b08f9d4.s390x.rpm e8ee63b6046ba22292c8ac7eb85440ace9fe11b17fef5bf5f590b754f4c7aadb
s390x rubygem-psych-3.0.2-112.module_el8.10.0+3871+342e2c2f.s390x.rpm fb8b003da8ca741343c8e49701f697110d6eb405a1c203bafd1be794b1689a65
x86_64 ruby-libs-2.5.9-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 0903a905b89a511465612f2f95215e78c5e8ec588d0f724b50adc975bffc1062
x86_64 ruby-2.5.9-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 152ced083230b999979f70cb1f3bfff49f9e9a6afa53b1b46345bec2885e0073
x86_64 rubygem-bigdecimal-1.3.4-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 26835745be2413b43da9998bdf94f54cf7640bc0fe4c43d8e372127309c9b5ca
x86_64 rubygem-psych-3.0.2-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 2a9f951d8e4f907f5ef779339b1e483e371c97928a15625777090920f9cf60f5
x86_64 rubygem-openssl-2.1.2-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 3063cf7643dd5b2b3d594e6a6f7e2c73eadfbf96ac2b26b768a8ba2feb6af292
x86_64 Packages/rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.x86_64.rpm 701b12df65f3a6b04c5a716c2d13fa048539842fff558d5ca2a5517735c0ad17
x86_64 rubygem-io-console-0.4.6-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 84ca0cd0b37643f0b4cbbf1ce29d35567b01248868a1482a5b3babf3f9ec5ca7
x86_64 ruby-devel-2.5.9-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm 931982b82c43ca9ededf3afb389eca8561b673d0fd64ec7884cca12fb6e255c4
x86_64 rubygem-json-2.1.0-112.module_el8.10.0+3871+342e2c2f.x86_64.rpm af04ee16c020b247856846af33b4d6e9254a1aa688a06e00ecd06bf3cb01cc80
x86_64 Packages/rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.x86_64.rpm b2ebe847eeadbc351ac9bd080addfc65a5c7d8181cd5b6178b37febc62237648
x86_64 rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.x86_64.rpm cffd2e1de04ca4f1dd8b5d1c891d63d2fbc06355bd26ad5daa9e9cc8dd33fdd2
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.